#define _SECURITYD_SECKEYBAGSUPPORT_H_
#include <CoreFoundation/CoreFoundation.h>
-#include <utilities/SecAKSWrappers.h>
+#include "utilities/SecAKSWrappers.h"
#include <libaks_acl_cf_keys.h>
+#include <TargetConditionals.h>
#ifndef USE_KEYSTORE
-#define USE_KEYSTORE TARGET_HAS_KEYSTORE
+// Use keystore (real or mock) on all platforms, except bridge
+#define USE_KEYSTORE !TARGET_OS_BRIDGE
#endif
-#if USE_KEYSTORE
+#if __has_include(<Kernel/IOKit/crypto/AppleKeyStoreDefs.h>)
#include <Kernel/IOKit/crypto/AppleKeyStoreDefs.h>
+#endif
+
+#if USE_KEYSTORE
#include <Security/SecAccessControlPriv.h>
#endif /* USE_KEYSTORE */
__BEGIN_DECLS
-#if !USE_KEYSTORE
-/* TODO: this needs to be available in the sim! */
-typedef int32_t keyclass_t;
-typedef int32_t key_handle_t;
-enum key_classes {
- key_class_ak = 6,
- key_class_ck,
- key_class_dk,
- key_class_aku,
- key_class_cku,
- key_class_dku,
- key_class_akpu
-};
-#endif /* !USE_KEYSTORE */
/* KEYBAG_NONE is private to security and have special meaning.
They should not collide with AppleKeyStore constants, but are only referenced
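Review bot: With the include of `<Kernel/IOKit/crypto/AppleKeyStoreDefs.h>` now behind `__has_include` and the local `keyclass_t` / `key_handle_t` / `enum key_classes` fallback deleted, a build where that header is missing neither fails nor says where those types come from, although the prototypes later in this header still use `keyclass_t`. Presumably the mock keystore declarations reached through `utilities/SecAKSWrappers.h` supply them, but nothing here states it, so a build that silently lands on the mock keystore is hard to tell apart from one using the real one. Once that is confirmed, I would add an `#else` branch holding a comment such as `/* AppleKeyStoreDefs.h unavailable: keyclass_t and key_class_* come from the mock AKS declarations */`. Separately, parenthesize the macro so it expands safely in any expression: `#define USE_KEYSTORE (!TARGET_OS_BRIDGE)`.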
extern keybag_handle_t g_keychain_keybag;
bool use_hwaes(void);
+
bool ks_crypt(CFTypeRef operation, keybag_handle_t keybag,
keyclass_t keyclass, uint32_t textLength, const uint8_t *source, keyclass_t *actual_class,
CFMutableDataRef dest, CFErrorRef *error);
const void* ks_ref_key_get_external_data(keybag_handle_t keybag, CFDataRef key_data,
aks_ref_key_t *ref_key, size_t *external_data_len, CFErrorRef *error);
bool ks_separate_data_and_key(CFDictionaryRef blob_dict, CFDataRef *ed_data, CFDataRef *key_data);
+
+bool ks_access_control_needed_error(CFErrorRef *error, CFDataRef access_control_data, CFTypeRef operation);
+bool create_cferror_from_aks(int aks_return, CFTypeRef operation, keybag_handle_t keybag, keyclass_t keyclass, CFDataRef access_control_data, CFDataRef acm_context_data, CFErrorRef *error);
#endif
bool ks_open_keybag(CFDataRef keybag, CFDataRef password, keybag_handle_t *handle, CFErrorRef *error);
bool ks_close_keybag(keybag_handle_t keybag, CFErrorRef *error);
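Review bot: The two added prototypes, `ks_access_control_needed_error` and `create_cferror_from_aks`, have no contract comment, and both return `bool` while also taking `CFErrorRef *error`, so the header does not say whether `true` means "the AKS call succeeded" or "an error object was produced". Callers will presumably branch on that result to decide whether a keybag operation went through, and a misreading there fails open. Add a comment above each, for example `/* Returns true only when aks_return indicates success; otherwise sets *error (if non-NULL) and returns false. */`, adjusted to what the implementation actually does. `create_cferror_from_aks` also lacks the `ks_` prefix that most neighbouring declarations carry. The `#if` region closed by the `#endif` after these lines opens outside this hunk.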